About the WhatsUp Gold default SSL certificates

Important: The following SSL certificate information applies to the WhatsUp Gold web server only. If you use Microsoft IIS as the web server for WhatsUp Gold and want to implement SSL certificates, refer to Microsoft or other trusted resources for more information. Following are suggested IIS and SSL resources: SSL and Certificates (IIS 6) and Configuring Server Certificates in IIS 7.

WhatsUp Gold installs the SSL certificates and keys needed to immediately begin connecting to the SSL web server using 128 bit encryption.

The SSL files included with WhatsUp Gold (root.pem and server.pem) are installed with every copy of WhatsUp Gold as a demonstration of how SSL can be used to encrypt web traffic. If you choose to use these default files, your encrypted session can be intercepted and decrypted by anyone who has access to these files.

You should replace the default certificates with new SSL certificates that you generate and sign. These sample files reside in the <WhatsUp Gold Install Directory>\Data\SSL directory. Also, since the sample certificate is issued with Ipswitch as the Common Name, it will generate a Domain Name Mismatch Security Error every time a new browser session is established.

Important: If the Secure Socket Layer (SSL) web server is enabled for the WhatsUp Gold web server (WhatsUp Gold console - Configure > Program Options > Web Server), we recommend that you use a valid SSL certificate. To acquire a valid SSL certificate, refer to an SSL certificate provider such as VeriSign. For more information, see the to WhatsUp Gold KB article for using a 3rd-party SSL certificate with the WhatsUp Gold web interface.